<?php 
include_once "../../Lib/DBMySql.inc";
include_once "../../Lib/Common.php";
include_once "../../Lib/Lib.php";
include_once "../../Entities/usersObj.php";
include_once "../../DAL/usersDAL.php";
include_once "../../Lib/Content.php";
include_once "../../Lib/Session.php";

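// Access control: only administrators / partner managers (role id not above 2) may use
// this page; everyone else is sent to the product list.
// The check fails closed: a missing session object or a non-numeric role id is refused
// instead of comparing as "not greater than 2" and being let through.
// NOTE(review): $userSess is not assigned on this page; presumably Lib/Session.php builds
// it from the login session - confirm that it also turns away unauthenticated requests.
$callerRole = isset($userSess->userroleid) ? $userSess->userroleid : null;
if (!is_numeric($callerRole) || $callerRole>2)
{
	header("Location: ../product/list.php");
	exit;
}
$mainDB = NewDB(DATABASE_HOST, DATABASE_NAME , DATABASE_USER, DATABASE_PASSWORD);
// An empty or missing $txtID means "add"; anything else means "edit that user".
if (!isset($txtID) || $txtID=="")	$title		= "Add New User";
else	$title		= "Edit User Information";
$pageBack = "list.php";
$frmName = "frmMain";
$pageError	= "";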

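// Handle a posted ADD / EDIT action: re-check the password rules, reject duplicate
// usernames, then insert or update the user record.
// NOTE(review): $act, $txtID, $username, $password and $passwordconf are never assigned on
// this page; presumably an include (or register_globals) copies request parameters into
// scope - confirm, and treat all of them as untrusted input.
// NOTE(review): no anti-CSRF token is checked before this state-changing action - confirm
// whether one of the includes takes care of that.
if (isset($act) && ($act=="ADD" || $act=="EDIT")) {

	// Build the extra WHERE fragment from scratch on every request so its content never
	// comes from outside, and force the id to an integer before it is placed, unquoted,
	// into the SQL text.
	$editFilter = "";
	$editId = isset($txtID) ? (int)$txtID : 0;
	if ($act=="EDIT") $editFilter = "AND id<>$editId";

	// The checks in ValidSubmit() run in the browser and can be skipped, so the password
	// rules are enforced again here. Strict comparison avoids numeric-string juggling.
	$newPassword = isset($password) ? (string)$password : "";
	$newPasswordConf = isset($passwordconf) ? (string)$passwordconf : "";
	if ($act=="ADD" && $newPassword==="")
		$pageError = "Please enter password";
	else if ($newPassword!==$newPasswordConf)
		$pageError = "Confirm password is not match to password";

	if ($pageError=="") {
		// NOTE(review): mysql_escape_string() ignores the connection character set and was
		// removed in PHP 7; a parameterised lookup inside usersDAL would be the safer home
		// for this duplicate check.
		$exist = usersDAL::IsExist($mainDB,  usersObj::usernameFieldName()."='".mysql_escape_string(isset($username) ? $username : "")."' $editFilter");

		if ($exist)
			$pageError = "Username is duplicated.";
		else if ($act=="ADD") {
			$users = new usersObj();
			// Pop() is defined in usersDAL (not visible here); presumably it fills the object
			// from the submitted form fields.
			// NOTE(review): if that includes userroleid, a partner manager could submit an
			// administrator role - verify that role and partner are restricted server-side.
			usersDAL::Pop($users);
			// NOTE(review): unsalted MD5 is not a password hash. Moving to password_hash() /
			// password_verify() needs a matching change in the login code and a migration of
			// stored values, so it is flagged here rather than changed.
			$users->password = md5($newPassword);
			$users->deleteflag = "0";

			if (!usersDAL::Insert($mainDB, $users, $error))
				$pageError = "Invalid inserting. ($error).";
			else
				$exit = true;
		} else {
			$users = usersDAL::Load($mainDB, $editId, $pageError);
			if ($users==null) {
				// Nothing was loaded for this id: report it instead of dereferencing null.
				if ($pageError=="") $pageError = "Invalid updating. (User not found).";
			} else {
				// NOTE(review): nothing here checks that the caller may edit this particular
				// user (for example a partner manager editing an administrator), and Pop()
				// presumably also takes deleteflag from the hidden form field - confirm.
				$oldPass = $users->password;
				usersDAL::Pop($users);
				// A blank password on edit means "keep the stored one". Otherwise hash the
				// submitted value itself, exactly as the ADD branch does.
				if ($newPassword==="")
					$users->password = $oldPass;
				else
					$users->password = md5($newPassword);
				if (!usersDAL::Update($mainDB, $users, $error))
					$pageError = "Invalid updating. ($error).";
				else
					$exit = true;
			}
		}
	}
}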
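// Decide what the form shows.
// - An id is given and no username was posted: first display of the edit form, so the
//   record is loaded and pushed into the page variables.
// - Otherwise, unless a save has just succeeded: the username and both password boxes
//   are blanked.
if (isset($txtID) && $txtID!="" && !isset($username)) {
	// The id comes from the request; reduce it to an integer before it reaches the DAL.
	// NOTE(review): how Load() builds its query is not visible here - confirm it is safe.
	$loadId = (int)$txtID;
	$users = usersDAL::Load($mainDB, $loadId, $pageError);
	if ($pageError=="" && $users!=null) {
		// Push() is defined in usersDAL; presumably it copies the record's fields into the
		// variables the form echoes.
		usersDAL::Push($users);
		// Never send the stored password value back to the browser.
		$password = "";
		$passwordconf = "";
	}
} else if (empty($exit))
{
	// empty() reads $exit without a notice when no save happened on this request.
	$username = "";
	$password = "";
	$passwordconf = "";
}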

include "../header.php";
?>
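<?php
// Everything echoed below lands inside an HTML attribute. PHP_SELF includes any extra path
// the client appended to the URL, and the hidden fields round-trip request values, so each
// one is HTML-escaped and given a default when it was not supplied.
?>
<form name="<?php echo $frmName;?>" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>">
<input type="hidden" name="page" value="<?php echo htmlspecialchars(isset($page) ? $page : "", ENT_QUOTES);?>">
<input type="hidden" name="act" value="<?php if (!isset($txtID) || $txtID=="") echo "ADD"; else echo "EDIT";?>">
<input type="hidden" name="txtID" value="<?php echo htmlspecialchars(isset($txtID) ? $txtID : "", ENT_QUOTES);?>">
<input type="hidden" name="SortField" value="<?php echo htmlspecialchars(isset($SortField) ? $SortField : "", ENT_QUOTES);?>">
<input type="hidden" name="SortType" value="<?php echo htmlspecialchars(isset($SortType) ? $SortType : "", ENT_QUOTES);?>">
<input type="hidden" name="deleteflag" value="<?php echo htmlspecialchars(isset($deleteflag) ? $deleteflag : "", ENT_QUOTES);?>">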
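<script>
<?php
// After a successful save the form is re-posted to the list page. Only the boolean true
// set by the save handler triggers this; any other value of $exit is ignored.
if (isset($exit) && $exit===true) echo "document.$frmName.action = '$pageBack'; document.$frmName.submit();";
?>

// Browser-side checks for the user form. They run in the browser and can be bypassed,
// so they are a convenience for the operator, not a security control.
// Returns true when the form may be submitted, false after alerting about the first problem.
function ValidSubmit() {
	frm = document.<?php echo $frmName;?>;

	if (!_CF_hasValue(frm.username, "TEXT")) {
		alert("Please enter username");
		frm.username.focus();
		return false;
	}

	<?php /* A password is mandatory only when adding; same "add" test as the rest of the page. */ ?>
	<?php if (!isset($txtID) || $txtID=="") { ?>
	if (!_CF_hasValue(frm.password, "TEXT")) {
		alert("Please enter password");
		frm.password.focus();
		return false;
	}
	<?php } ?>
	if (frm.password.value!=frm.passwordconf.value) {
		alert("Confirm <?php if (isset($txtID) && $txtID!="") echo "new ";?>password is not match to <?php if (isset($txtID) && $txtID!="") echo "new ";?>password");
		frm.passwordconf.focus();
		return false;
	}

	if (!_CF_hasValue(frm.userroleid, "TEXT")) {
		alert("Please select user type");
		frm.userroleid.focus();
		return false;
	}
	<?php /* Callers with a role id above 1 must also pick a partner. */ ?>
	<?php if ($userSess->userroleid>1) { ?>
	if (!_CF_hasValue(frm.partnerid, "TEXT") || frm.partnerid.value=="0") {
		alert("Please select partner");
		frm.partnerid.focus();
		return false;
	}
	<?php } ?>

	if (!_CF_hasValue(frm.firstname, "TEXT")) {
		alert("Please enter firstname");
		frm.firstname.focus();
		return false;
	}

	if (!_CF_hasValue(frm.lastname, "TEXT")) {
		alert("Please enter lastname");
		frm.lastname.focus();
		return false;
	}

	if (!_CF_hasValue(frm.email, "TEXT")) {
		alert("Please enter email");
		frm.email.focus();
		return false;
	}
	else if (!isEmail(frm.email.value)) {
		alert("Email is invalid.");
		// The field is named "email"; focusing frm.Email threw before "return false"
		// was reached, which let the invalid form submit.
		frm.email.focus();
		return false;
	}

	return true;
}
</script>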
<table width="99%" border="0" cellspacing="0" cellpadding="0" align="right">
	<tr valign=middle> 
		<td class="titleText" colspan=3 height=25><?php  echo $title;?></td>
	</tr>
	<tr valign=middle> 
		<td colspan=3 height=3 bgcolor="#FFFFFF"></td>
	</tr>
	<tr> 
		<td align="center" valign="top" colspan=3>
			<table width="100%" border=0 cellspacing="0" class="formBackGround">
				<tr>
					<td>
						<TABLE border=0 class="gridBody" cellPadding=0 cellspacing="0" width="100%">
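							<tr class="gridHeader">
								<td colspan=4 height=20 class='errortext'><?php
									// $pageError can embed the error string handed back by the DAL, so it is
									// HTML-escaped before display.
									// NOTE(review): consider logging that detail and showing a generic message.
									echo htmlspecialchars($pageError, ENT_QUOTES);
								?>&nbsp;</td>
							</TR>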
							<tr height=5>
								<td colspan=4 height=5></td>
							</TR>
							
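							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Username<font color="#cc0000">*</font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="username" value="<?php /* request / database value: escape for the attribute */ echo htmlspecialchars(isset($username) ? $username : "", ENT_QUOTES);?>" size="50" maxlength="25" class="inputText" <?php /* read-only in the browser only when editing; not a server-side guarantee */ if (isset($txtID) && $txtID!="") echo "readOnly";?>>&nbsp;</td>
							</TR>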

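							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap><?php /* full open tag: with short_open_tag off, "<?" blocks are sent to the browser as text */ if (isset($txtID) && $txtID!="") echo "New ";?>Password<font color="#cc0000">*</font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=password name="password" size="50" maxlength="100" class="inputText">&nbsp;</td>
							</TR>

							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Confirm <?php if (isset($txtID) && $txtID!="") echo "New ";?>Password:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=password name="passwordconf" size="50" maxlength="100" class="inputText">&nbsp;</td>
							</TR>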

							<tr class="gridBody" height=18>
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>User Type<font color="#cc0000">*</font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap>
									<?php
									// Pull in the user-role entity and DAL, then print the role selector.
									include "../../Entities/userroleObj.php";
									include "../../DAL/userroleDAL.php";

									// NOTE(review): $whereFilter is not assigned anywhere in the visible part of
									// this page; if it can arrive from the request it would reach the query that
									// GetComboBox() presumably builds - confirm where it is set.
									echo GetComboBox(
										$mainDB, userroleObj::TableName(), $whereFilter, "", "userroleid", "id", "name",
										"Select one", "", $userroleid, "class='inputText'"
									);
									?>&nbsp;
                                </td>
							</TR>


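							<?php /* Each value below comes from the request or the database and is HTML-escaped before it is placed in an attribute. */ ?>
							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Firstname<font color="#cc0000">*</font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="firstname" value="<?php echo htmlspecialchars(isset($firstname) ? $firstname : "", ENT_QUOTES);?>" size="50" maxlength="50" class="inputText">&nbsp;</td>
							</TR>

							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Last<font color="#cc0000">*</font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="lastname" value="<?php echo htmlspecialchars(isset($lastname) ? $lastname : "", ENT_QUOTES);?>" size="50" maxlength="50" class="inputText">&nbsp;</td>
							</TR>

							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Email<font color="#cc0000">*</font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="email" value="<?php echo htmlspecialchars(isset($email) ? $email : "", ENT_QUOTES);?>" size="50" maxlength="100" class="inputText">&nbsp;</td>
							</TR>

							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Phone<font color="#cc0000"></font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="phone" value="<?php echo htmlspecialchars(isset($phone) ? $phone : "", ENT_QUOTES);?>" size="50" maxlength="20" class="inputText">&nbsp;</td>
							</TR>

							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>City<font color="#cc0000"></font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="city" value="<?php echo htmlspecialchars(isset($city) ? $city : "", ENT_QUOTES);?>" size="50" maxlength="" class="inputText">&nbsp;</td>
							</TR>

							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Country<font color="#cc0000"></font>:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=text name="country" value="<?php echo htmlspecialchars(isset($country) ? $country : "", ENT_QUOTES);?>" size="50" maxlength="" class="inputText">&nbsp;</td>
							</TR>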

							<?php
								// Button row: the "update" variant when an id is present, the "new" variant otherwise.
								if (isset($txtID) && $txtID!="") {
									include "../../Lib/bottomUpdateAct.php";
								} else {
									include "../../Lib/bottomNewAct.php";
								}
							?>
							<tr class="gridFooter" height=20>
								<td colspan=4></td>
							</TR>
						</TABLE>
					</td>
				</tr>
			</TABLE>
		</td>
	</tr>
</table>
</form>
<?php 
include "../footer.php";
?>